just a short summary for SSL Pinning:<\/strong><\/h3>\nIf the mobile application does not have SSL pinning, the attackers can read the HTTP packets going back and forth between the application and the server over the network with a proxy easly.<\/span><\/span> For this stiation, the SSL pinning method is used, as a precaution. and as with everything, there are some solutions to bypass. we use Frida for SSL pinning bypass in this article. <\/span><\/span><\/span>now let\u2019s start!<\/p>\nrequirements first:<\/strong><\/h3>\n\n- Fiddler<\/a> (Classic or Everywhere),<\/li>\n
- Python<\/a>,<\/li>\n
- Frida<\/a>,<\/li>\n
- Genymotion<\/a> \/ Emulator or any other,<\/li>\n
- ADB\u00a0 – Android Debug Bridge (if you prefer Genymotion, it already has adb tool.)<\/li>\n<\/ul>\n
\nstart:<\/strong><\/h3>\n<\/p>\n
\n- Install the emulator, and setup an Android
\n(I used Genymotion and Android 7 – Google Nexus)<\/li>\n<\/ul>\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_592.png\")
<\/a><\/p>\n\n- Install Frida look here<\/a> for details,
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_593.png\")
<\/a><\/li>\n- Install Fiddler Classic and Python if you don\u2019t have them,
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_595.png\")
<\/a>
\n\/\/ Not that Fiddler’s default port is 8888. Set a port number and use it on everwhere.![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_594.png\")
<\/a>
\n\/\/ General settings for Fiddler SSL tab.<\/li>\n<\/ul>\n <\/p>\n
Action:<\/strong><\/h3>\n\n- Run your Android,<\/li>\n
- Connect your WiFi,<\/li>\n
- (if you need) Download OpenGAPPs:
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_596.png\")
<\/a><\/li>\n- Set your proxy settings on your WiFi connection,<\/li>\n
![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_597.png\")
<\/a><\/li>\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_598.png\")
<\/a><\/li>\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_599.png\")
<\/a><\/li>\n- Open your mobile browser and visit: http:\/\/ipv4.fiddler:8888\u00a0 (replace 8888, with your port)<\/a>
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_601.png\")
<\/a><\/li>\n- Download FiddlerRoot cert and install it.
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_602.png\")
<\/a><\/li>\n- Download PAPARAZZIAPPS<\/a> [SECURITY APP] – APK<\/a> to test SSL Pinning from here:
\nhttps:\/\/github.com\/ahuamana\/SecurityApp\/releases\/download\/1.4\/PaparazzyApps.-.SecurityApp.apk<\/a><\/li>\n- Install this APK to your Android device, and open it (to test http and https click them),\n
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_603.png\")
<\/a><\/li>\n- you should see the Success result for both of them,<\/li>\n
- but for the SSL Pinning option, the result will be unsuccessful, it\u2019s okay. We will achieve to get 200 result also for this. See:<\/li>\n
![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_604.png\")
<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\nAnd the main details: <\/b><\/h3>\n\n- Go to your emulator folder which has adb.exe and open terminal for this folder,<\/li>\n
- run:
\n# .\\adb.exe devices<\/b><\/span> (to see your device)![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_605.png\")
<\/a><\/li>\n- and run the below code to get your Android device core type info
\n# .\\adb.exe shell getprop ro.product.cpu.abi <\/b><\/span>
\nthe output should like this: x86:
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_606.png\")
<\/a><\/b><\/b><\/li>\n- and let\u2019s install the objection
\n<\/a># pip3 install objection<\/span><\/b><\/b>![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_608.png\")
<\/a>\/\/ Objection<\/strong> is a runtime mobile exploration toolkit. developed by frida.<\/li>\n<\/ol>\n <\/p>\n
\n- Go to Frida releases and download your frida-server which is okay with your Android version from here: https:\/\/github.com\/frida\/frida\/releases<\/a>
\ni.e: frida-server-15-1.22<\/b>-android-x86<\/b> is mine.<\/li>\n- Unzip and copy your frida-server to adb.exe folder, in this folder, run these:<\/li>\n
- # .\\adb.exe root<\/span><\/strong><\/li>\n
- # .\\adb.exe push frida-server-15.1.23-android-x86 \/data\/local\/tmp\/<\/span><\/strong><\/li>\n
- # .\\adb.exe shell “chmod 755 \/data\/local\/tmp\/frida-server-15.1.23-android-x86”<\/span><\/strong><\/strong><\/li>\n
![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_609.png\")
<\/a><\/li>\n<\/ul>\n <\/p>\n
<\/p>\n
and the big moment:<\/strong><\/h3>\n\n- run this to list all apps of your devices
\n# frida-ps -U<\/strong><\/span>
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_611.png\")
<\/a><\/li>\n<\/ul>\ntime to bigbang!<\/strong><\/h3>\n\n- # objection –gadget “Paparazzi Apps” explore<\/strong><\/span><\/li>\n
- # android sslpinning disable<\/strong><\/span>
\n![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_612.png\")
<\/a> ![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_614.png\")
<\/a><\/li>\n<\/ul>\n
\nand now retest to SSL Pinning and to get success result:<\/strong><\/h3>\n
requirements first:<\/strong><\/h3>\n\n- Fiddler<\/a> (Classic or Everywhere),<\/li>\n
- Python<\/a>,<\/li>\n
- Frida<\/a>,<\/li>\n
- Genymotion<\/a> \/ Emulator or any other,<\/li>\n
- ADB\u00a0 – Android Debug Bridge (if you prefer Genymotion, it already has adb tool.)<\/li>\n<\/ul>\n
\nstart:<\/strong><\/h3>\n<\/p>\n
\n- Install the emulator, and setup an Android
\n(I used Genymotion and Android 7 – Google Nexus)<\/li>\n<\/ul>\n<\/a><\/p>\n\n- Install Frida look here<\/a> for details,
\n<\/a><\/li>\n- Install Fiddler Classic and Python if you don\u2019t have them,
\n<\/a>
\n\/\/ Not that Fiddler’s default port is 8888. Set a port number and use it on everwhere.<\/a>
\n\/\/ General settings for Fiddler SSL tab.<\/li>\n<\/ul>\n <\/p>\n
Action:<\/strong><\/h3>\n\n- Run your Android,<\/li>\n
- Connect your WiFi,<\/li>\n
- (if you need) Download OpenGAPPs:
\n<\/a><\/li>\n- Set your proxy settings on your WiFi connection,<\/li>\n
- <\/a><\/li>\n
- <\/a><\/li>\n
- <\/a><\/li>\n
- Open your mobile browser and visit: http:\/\/ipv4.fiddler:8888\u00a0 (replace 8888, with your port)<\/a>
\n<\/a><\/li>\n- Download FiddlerRoot cert and install it.
\n<\/a><\/li>\n- Download PAPARAZZIAPPS<\/a> [SECURITY APP] – APK<\/a> to test SSL Pinning from here:
\nhttps:\/\/github.com\/ahuamana\/SecurityApp\/releases\/download\/1.4\/PaparazzyApps.-.SecurityApp.apk<\/a><\/li>\n- Install this APK to your Android device, and open it (to test http and https click them),\n
\n- <\/a><\/li>\n
- you should see the Success result for both of them,<\/li>\n
- but for the SSL Pinning option, the result will be unsuccessful, it\u2019s okay. We will achieve to get 200 result also for this. See:<\/li>\n
- <\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\nAnd the main details: <\/b><\/h3>\n\n- Go to your emulator folder which has adb.exe and open terminal for this folder,<\/li>\n
- run:
\n# .\\adb.exe devices<\/b><\/span> (to see your device)<\/a><\/li>\n- and run the below code to get your Android device core type info
\n# .\\adb.exe shell getprop ro.product.cpu.abi <\/b><\/span>
\nthe output should like this: x86:
\n<\/a><\/b><\/b><\/li>\n- and let\u2019s install the objection
\n<\/a># pip3 install objection<\/span><\/b><\/b><\/a>\/\/ Objection<\/strong> is a runtime mobile exploration toolkit. developed by frida.<\/li>\n<\/ol>\n <\/p>\n
\n- Go to Frida releases and download your frida-server which is okay with your Android version from here: https:\/\/github.com\/frida\/frida\/releases<\/a>
\ni.e: frida-server-15-1.22<\/b>-android-x86<\/b> is mine.<\/li>\n- Unzip and copy your frida-server to adb.exe folder, in this folder, run these:<\/li>\n
- # .\\adb.exe root<\/span><\/strong><\/li>\n
- # .\\adb.exe push frida-server-15.1.23-android-x86 \/data\/local\/tmp\/<\/span><\/strong><\/li>\n
- # .\\adb.exe shell “chmod 755 \/data\/local\/tmp\/frida-server-15.1.23-android-x86”<\/span><\/strong><\/strong><\/li>\n
- <\/a><\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
and the big moment:<\/strong><\/h3>\n\n- run this to list all apps of your devices
\n# frida-ps -U<\/strong><\/span>
\n<\/a><\/li>\n<\/ul>\ntime to bigbang!<\/strong><\/h3>\n\n- # objection –gadget “Paparazzi Apps” explore<\/strong><\/span><\/li>\n
- # android sslpinning disable<\/strong><\/span>
\n<\/a> <\/a><\/li>\n<\/ul>\n
\nand now retest to SSL Pinning and to get success result:<\/strong><\/h3>\n
\nstart:<\/strong><\/h3>\n<\/p>\n
\n- Install the emulator, and setup an Android
\n(I used Genymotion and Android 7 – Google Nexus)<\/li>\n<\/ul>\n<\/a><\/p>\n\n- Install Frida look here<\/a> for details,
\n<\/a><\/li>\n- Install Fiddler Classic and Python if you don\u2019t have them,
\n<\/a>
\n\/\/ Not that Fiddler’s default port is 8888. Set a port number and use it on everwhere.<\/a>
\n\/\/ General settings for Fiddler SSL tab.<\/li>\n<\/ul>\n <\/p>\n
Action:<\/strong><\/h3>\n\n- Run your Android,<\/li>\n
- Connect your WiFi,<\/li>\n
- (if you need) Download OpenGAPPs:
\n<\/a><\/li>\n- Set your proxy settings on your WiFi connection,<\/li>\n
- <\/a><\/li>\n
- <\/a><\/li>\n
- <\/a><\/li>\n
- Open your mobile browser and visit: http:\/\/ipv4.fiddler:8888\u00a0 (replace 8888, with your port)<\/a>
\n<\/a><\/li>\n- Download FiddlerRoot cert and install it.
\n<\/a><\/li>\n- Download PAPARAZZIAPPS<\/a> [SECURITY APP] – APK<\/a> to test SSL Pinning from here:
\nhttps:\/\/github.com\/ahuamana\/SecurityApp\/releases\/download\/1.4\/PaparazzyApps.-.SecurityApp.apk<\/a><\/li>\n- Install this APK to your Android device, and open it (to test http and https click them),\n
\n- <\/a><\/li>\n
- you should see the Success result for both of them,<\/li>\n
- but for the SSL Pinning option, the result will be unsuccessful, it\u2019s okay. We will achieve to get 200 result also for this. See:<\/li>\n
- <\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\nAnd the main details: <\/b><\/h3>\n\n- Go to your emulator folder which has adb.exe and open terminal for this folder,<\/li>\n
- run:
\n# .\\adb.exe devices<\/b><\/span> (to see your device)<\/a><\/li>\n- and run the below code to get your Android device core type info
\n# .\\adb.exe shell getprop ro.product.cpu.abi <\/b><\/span>
\nthe output should like this: x86:
\n<\/a><\/b><\/b><\/li>\n- and let\u2019s install the objection
\n<\/a># pip3 install objection<\/span><\/b><\/b><\/a>\/\/ Objection<\/strong> is a runtime mobile exploration toolkit. developed by frida.<\/li>\n<\/ol>\n <\/p>\n
\n- Go to Frida releases and download your frida-server which is okay with your Android version from here: https:\/\/github.com\/frida\/frida\/releases<\/a>
\ni.e: frida-server-15-1.22<\/b>-android-x86<\/b> is mine.<\/li>\n- Unzip and copy your frida-server to adb.exe folder, in this folder, run these:<\/li>\n
- # .\\adb.exe root<\/span><\/strong><\/li>\n
- # .\\adb.exe push frida-server-15.1.23-android-x86 \/data\/local\/tmp\/<\/span><\/strong><\/li>\n
- # .\\adb.exe shell “chmod 755 \/data\/local\/tmp\/frida-server-15.1.23-android-x86”<\/span><\/strong><\/strong><\/li>\n
- <\/a><\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
and the big moment:<\/strong><\/h3>\n\n- run this to list all apps of your devices
\n# frida-ps -U<\/strong><\/span>
\n<\/a><\/li>\n<\/ul>\ntime to bigbang!<\/strong><\/h3>\n\n- # objection –gadget “Paparazzi Apps” explore<\/strong><\/span><\/li>\n
- # android sslpinning disable<\/strong><\/span>
\n<\/a> <\/a><\/li>\n<\/ul>\n
\nand now retest to SSL Pinning and to get success result:<\/strong><\/h3>\n
\n(I used Genymotion and Android 7 – Google Nexus)<\/li>\n<\/ul>\n
<\/p>\n <\/p>\n <\/p>\n <\/p>\n<\/a><\/p>\n\n
\n<\/a><\/li>\n
\n<\/a>
\n\/\/ Not that Fiddler’s default port is 8888. Set a port number and use it on everwhere.<\/a>
\n\/\/ General settings for Fiddler SSL tab.<\/li>\n<\/ul>\nAction:<\/strong><\/h3>\n
\n
\n<\/a><\/li>\n<\/a><\/li>\n<\/a><\/li>\n<\/a><\/li>\n
\n<\/a><\/li>\n
\n<\/a><\/li>\n
\nhttps:\/\/github.com\/ahuamana\/SecurityApp\/releases\/download\/1.4\/PaparazzyApps.-.SecurityApp.apk<\/a><\/li>\n\n
<\/a><\/li>\n<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\nAnd the main details: <\/b><\/h3>\n\n
\n# .\\adb.exe devices<\/b><\/span> (to see your device)<\/a><\/li>\n
\n# .\\adb.exe shell getprop ro.product.cpu.abi <\/b><\/span>
\nthe output should like this: x86:
\n<\/a><\/b><\/b><\/li>\n
\n<\/a># pip3 install objection<\/span><\/b><\/b><\/a>\/\/ Objection<\/strong> is a runtime mobile exploration toolkit. developed by frida.<\/li>\n<\/ol>\n\n
\ni.e: frida-server-15-1.22<\/b>-android-x86<\/b> is mine.<\/li>\n<\/a><\/li>\n<\/ul>\nand the big moment:<\/strong><\/h3>\n
\n
\n# frida-ps -U<\/strong><\/span>
\n<\/a><\/li>\n<\/ul>\ntime to bigbang!<\/strong><\/h3>\n
\n
\n<\/a> <\/a><\/li>\n<\/ul>\n
\nand now retest to SSL Pinning and to get success result:<\/strong><\/h3>\n
![\"\"](\"https:\/\/sahinsolmaz.com\/blog\/wp-content\/uploads\/2022\/06\/Screenshot_615.png\")
<\/a><\/li>\n<\/ul>\n